Vulnerable WordPress Plugins Report for the Week of March 8, 2019

Vulnerable Plugins

There are twenty items on the list this week, with the vast majority of them related to the Freemius framework disclosure that happened last week. WPVulnDB also has a list of plugins that use Freemius that have been updated. There are three additional plugins in this week’s list that were updated for security issues that I spotted.

Other WordPress Security News

Speaking of WPVulnDB, they now offer a plugin to scan your WordPress instance to find vulnerabilities listed in the their vulnerability database.

Sucuri released their Hacked Website Report 2018 earlier this week. Of the 18,302 infected sites they analyzed, 90% were WordPress, an increase from 83% in 2017. 36.7% of those WordPress sites were running an outdated version of WordPress, down from 39.3% in 2017. As in previous years, plugins/themes continue to be the main avenue for compromise. Definitely check out the full report.